Armorize Website Security Alert Service Detects Drive-by Downloads

Armorize Technologies is making a push into the United States with a cloud-based service that detects Website compromises and alerts site owners.

Armorize Technologies is pushing its way into the U.S. security
market with a cloud-based scanning service that monitors Websites.
HackAlert 3.0 detects Website compromises and malware-laced ads in real-time and alerts site owners. The idea, CEO Caleb Sima said, is to provide protection against the type of drive-by downloads that have been a common attack vector in Asia for years.

"One of the things that really baffles me about security is the fact that I think we spend a lot of money identifying vulnerabilities...it's
absolutely valuable that you look for potential vulnerabilities," he
said. "But no one really scans you to identify if you have been
exploited or hacked or not."

Previously based entirely in Taiwan, the company has moved its
headquarters to Santa Clara, Calif. In addition to HackAlert, Armorize
sells a Web application firewall and a source code analysis tool. The
latter is what initially got Sima's attention. Co-founder of SPI
Dynamics (acquired by Hewlett-Packard), Sima first came
across Armorize at the RSA security conference a few years
ago.
After developing a relationship with the company, they offered him the job of CEO, and he came aboard in February.
"I think the biggest challenge is, one, building awareness of who
Armorize is," he said. "Armorize is not a startup company; it's not a
brand-new company. It's a small to medium size business...It's just a
matter of getting people to know who we are."
To that end, the company is making a big pitch around HackAlert 3.0. The service uses a mix of blacklists and behavioral and signature-based detection
to fight malware and recognize evasion methods used by attackers.
Its cloud-based API allows channel partners, VARs and resellers
to rebrand or integrate the service into their own offerings on the
backend.
HackAlert 3.0's analysis engines are distributed globally and are located in data centers in Asia, Europe and North America.
The need for the service is underscored by a recent analysis of the
top 100,000 sites on the Web. The company identified more than 1,000
sites that were actively serving malware, Sima said.
"Drive-by downloads are the No. 1 exploit method right now," he explained. "When I go and I exploit SQL injection vulnerabilities in
your Website, or cross-site scripting (bugs) in your Website, I'm
trying to figure out a way to embed a drive-by download in your Website."
Undetected malware on a high-traffic Website could cause millions of
drive-by downloads, lead to brand damage, and destroy customer
relationships, Burton Group analyst Dan Blum said in a statement.
"Organizations that want to protect their brands, bottom lines and
customer relationships must find ways to defend their Web applications
against malware injection and their customers from becoming drive-by
download victims," he said.
"Do you want to wake up, 8 a.m. in the morning, or 6 a.m. in the
morning, to your IT guy calling you and telling you that your customers
are calling and telling you that your site's been hacked? That's not
how you want to find out about a defacement," Sima said.